URL: http://116.204.110.99:8082/login/index
Submission Tags: c2 malware vshell
Submission: On October 29 via api from US — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 0 domains to perform 13 HTTP transactions. The main IP is 116.204.110.99, located in Beijing, China, and belongs to HWCSNET Huawei Cloud Service data center, CN. The main domain is 116.204.110.99.
This is the only time 116.204.110.99 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 116.204.110.99 55990 (HWCSNET H...)
13 1
Apex Domain
Subdomains
Transfer
13 0
Domain Requested by
13 0

This site contains no links.

Subject Issuer Validity Valid

This page contains 1 frames:

Primary Page: http://116.204.110.99:8082/login/index
Frame ID: 7F7F1CAAF4EE318FEE4740C3DA79B667
Requests: 13 HTTP requests in this frame


Page Title

Vshell - 登录

Detected technologies

Bootstrap (identified from the bootstrap.min.css / bootstrap.min.js requests)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (identified from the fontawesome.min.css / fa-solid-900.woff2 requests)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (identified from the jquery-3.4.1.min.js request)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 13
HTTPS: 0 %
IPv6: 0 %
Domains: 0
Subdomains: 0
IPs: 1
Countries: 1
Transfer: 689 kB
Size: 686 kB
Cookies: 2

13 HTTP transactions

Resource | Path | Size | x-fer | Type (MIME-Type is given in each response's Content-Type header)
index (Primary Request) | 116.204.110.99/login/ | 3 KB | 3 KB | Document
General
Full URL
http://116.204.110.99:8082/login/index
Protocol
HTTP/1.1
Server
116.204.110.99 Beijing, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-116-204-110-99.compute.hwclouds-dns.com
Software
/
Resource Hash
d0dc6a1e6dd49ac935b7f7892d3fa37531b78b4eb54f9b459ef2da079c18e94e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
2805
Content-Type
text/html; charset=utf-8
Date
Sun, 29 Oct 2023 01:13:18 GMT
fontawesome.min.css | 116.204.110.99/static/css/ | 54 KB | 54 KB | Stylesheet
General
Full URL
http://116.204.110.99:8082/static/css/fontawesome.min.css
Requested by
Host: 116.204.110.99
URL: http://116.204.110.99:8082/login/index
Protocol
HTTP/1.1
Server
116.204.110.99 Beijing, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-116-204-110-99.compute.hwclouds-dns.com
Software
/
Resource Hash
fec7717a72b5343a3048dba9860c23bfcc12a2c48d641d2de64a17a9ded7a8e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://116.204.110.99:8082/login/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sun, 29 Oct 2023 01:13:18 GMT
Cache-Control
max-age=2592000
Last-Modified
Sun, 29 Oct 2023 09:13:18 GMT
Content-Length
55415
Content-Type
text/css; charset=utf-8
solid.min.css | 116.204.110.99/static/css/ | 668 B | 862 B | Stylesheet
General
Full URL
http://116.204.110.99:8082/static/css/solid.min.css
Requested by
Host: 116.204.110.99
URL: http://116.204.110.99:8082/login/index
Protocol
HTTP/1.1
Server
116.204.110.99 Beijing, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-116-204-110-99.compute.hwclouds-dns.com
Software
/
Resource Hash
f03720a941a15871ec4cb8f5a9c1abd0eb8f6ca90dd51c038c86d9e832a1fd10

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://116.204.110.99:8082/login/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sun, 29 Oct 2023 01:13:18 GMT
Cache-Control
max-age=2592000
Last-Modified
Sun, 29 Oct 2023 09:13:18 GMT
Content-Length
668
Content-Type
text/css; charset=utf-8
bootstrap.min.css | 116.204.110.99/static/css/ | 156 KB | 156 KB | Stylesheet
General
Full URL
http://116.204.110.99:8082/static/css/bootstrap.min.css
Requested by
Host: 116.204.110.99
URL: http://116.204.110.99:8082/login/index
Protocol
HTTP/1.1
Server
116.204.110.99 Beijing, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-116-204-110-99.compute.hwclouds-dns.com
Software
/
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://116.204.110.99:8082/login/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sun, 29 Oct 2023 01:13:19 GMT
Cache-Control
max-age=2592000
Last-Modified
Sun, 29 Oct 2023 09:13:19 GMT
Content-Length
159515
Content-Type
text/css; charset=utf-8
style.css | 116.204.110.99/static/css/ | 199 KB | 200 KB | Stylesheet
General
Full URL
http://116.204.110.99:8082/static/css/style.css
Requested by
Host: 116.204.110.99
URL: http://116.204.110.99:8082/login/index
Protocol
HTTP/1.1
Server
116.204.110.99 Beijing, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-116-204-110-99.compute.hwclouds-dns.com
Software
/
Resource Hash
e8ffdf8b4e949356e8af19ecd43febca3d80cf8fc677003a6899156de89dabf3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://116.204.110.99:8082/login/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sun, 29 Oct 2023 01:13:19 GMT
Cache-Control
max-age=2592000
Last-Modified
Sun, 29 Oct 2023 09:13:19 GMT
Content-Length
204178
Content-Type
text/css; charset=utf-8
jquery-3.4.1.min.js | 116.204.110.99/static/js/ | 86 KB | 86 KB | Script
General
Full URL
http://116.204.110.99:8082/static/js/jquery-3.4.1.min.js
Requested by
Host: 116.204.110.99
URL: http://116.204.110.99:8082/login/index
Protocol
HTTP/1.1
Server
116.204.110.99 Beijing, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-116-204-110-99.compute.hwclouds-dns.com
Software
/
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://116.204.110.99:8082/login/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sun, 29 Oct 2023 01:13:19 GMT
Cache-Control
max-age=2592000
Last-Modified
Sun, 29 Oct 2023 09:13:19 GMT
Content-Length
88145
Content-Type
application/javascript
bootstrap.min.js | 116.204.110.99/static/js/ | 59 KB | 59 KB | Script
General
Full URL
http://116.204.110.99:8082/static/js/bootstrap.min.js
Requested by
Host: 116.204.110.99
URL: http://116.204.110.99:8082/login/index
Protocol
HTTP/1.1
Server
116.204.110.99 Beijing, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-116-204-110-99.compute.hwclouds-dns.com
Software
/
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://116.204.110.99:8082/login/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sun, 29 Oct 2023 01:13:19 GMT
Cache-Control
max-age=2592000
Last-Modified
Sun, 29 Oct 2023 09:13:19 GMT
Content-Length
60010
Content-Type
application/javascript
language.js | 116.204.110.99/static/js/ | 6 KB | 6 KB | Script
General
Full URL
http://116.204.110.99:8082/static/js/language.js
Requested by
Host: 116.204.110.99
URL: http://116.204.110.99:8082/login/index
Protocol
HTTP/1.1
Server
116.204.110.99 Beijing, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-116-204-110-99.compute.hwclouds-dns.com
Software
/
Resource Hash
a564f5dddf47414b410891a347293a02feed259a9060497f579c80e93ed5e370

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://116.204.110.99:8082/login/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sun, 29 Oct 2023 01:13:19 GMT
Cache-Control
max-age=2592000
Last-Modified
Sun, 29 Oct 2023 09:13:19 GMT
Content-Length
6263
Content-Type
application/javascript
fonts.css | 116.204.110.99/static/css/ | 16 KB | 16 KB | Stylesheet
General
Full URL
http://116.204.110.99:8082/static/css/fonts.css
Requested by
Host: 116.204.110.99
URL: http://116.204.110.99:8082/static/css/style.css
Protocol
HTTP/1.1
Server
116.204.110.99 Beijing, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-116-204-110-99.compute.hwclouds-dns.com
Software
/
Resource Hash
ab8b9ee68c32df7b73f268fe4370bae564539e1ae4868ee3e0ba64511b04b5dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://116.204.110.99:8082/static/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sun, 29 Oct 2023 01:13:20 GMT
Cache-Control
max-age=2592000
Last-Modified
Sun, 29 Oct 2023 09:13:20 GMT
Content-Length
16616
Content-Type
text/css; charset=utf-8
fa-solid-900.woff2 | 116.204.110.99/static/webfonts/ | 74 KB | 75 KB | Font
General
Full URL
http://116.204.110.99:8082/static/webfonts/fa-solid-900.woff2
Requested by
Host: 116.204.110.99
URL: http://116.204.110.99:8082/static/css/solid.min.css
Protocol
HTTP/1.1
Server
116.204.110.99 Beijing, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-116-204-110-99.compute.hwclouds-dns.com
Software
/
Resource Hash
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c

Request headers

Referer
http://116.204.110.99:8082/static/css/solid.min.css
Origin
http://116.204.110.99:8082
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sun, 29 Oct 2023 01:13:20 GMT
Cache-Control
max-age=2592000
Last-Modified
Sun, 29 Oct 2023 09:13:20 GMT
Content-Length
76120
Content-Type
font/woff2
languages.xml | 116.204.110.99/static/page/ | 31 KB | 32 KB | XHR
General
Full URL
http://116.204.110.99:8082/static/page/languages.xml
Requested by
Host: 116.204.110.99
URL: http://116.204.110.99:8082/static/js/jquery-3.4.1.min.js
Protocol
HTTP/1.1
Server
116.204.110.99 Beijing, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-116-204-110-99.compute.hwclouds-dns.com
Software
/
Resource Hash
6a1b302725fff132a68a26d1c1eb0d59151937bc94fd84bd71db16d7f8df956c

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
http://116.204.110.99:8082/login/index
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sun, 29 Oct 2023 01:13:20 GMT
Cache-Control
max-age=2592000
Last-Modified
Sun, 29 Oct 2023 09:13:20 GMT
Content-Length
32077
Content-Type
text/xml; charset=utf-8
zh-CN.png | 116.204.110.99/static/img/flag/ | 503 B | 683 B | Image
General
Full URL
http://116.204.110.99:8082/static/img/flag/zh-CN.png
Protocol
HTTP/1.1
Server
116.204.110.99 Beijing, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-116-204-110-99.compute.hwclouds-dns.com
Software
/
Resource Hash
d87a4564c20bd4f8afe113d5750f78b169440bcabb98c6c3b4b9cac9a8b82bae

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://116.204.110.99:8082/login/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sun, 29 Oct 2023 01:13:21 GMT
Cache-Control
max-age=2592000
Last-Modified
Sun, 29 Oct 2023 09:13:21 GMT
Content-Length
503
Content-Type
image/png
en-US.png | 116.204.110.99/static/img/flag/ | 389 B | 569 B | Image
General
Full URL
http://116.204.110.99:8082/static/img/flag/en-US.png
Protocol
HTTP/1.1
Server
116.204.110.99 Beijing, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-116-204-110-99.compute.hwclouds-dns.com
Software
/
Resource Hash
1590f871a620b6f171f4a03b2f9b06cf25c21101d71b8a3905eb0f02f7bf86bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://116.204.110.99:8082/login/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sun, 29 Oct 2023 01:13:21 GMT
Cache-Control
max-age=2592000
Last-Modified
Sun, 29 Oct 2023 09:13:21 GMT
Content-Length
389
Content-Type
image/png

Verdicts & Comments

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Name | Type
$ | function
jQuery | function
bootstrap | object
languages | object
charts | object
chartdatas | undefined
postsubmit | function
langreply | function
submitform | function
changeunit | function
login | object
nps | string
[name not captured in the export] | string

2 Cookies

Domain/Path | Name | Value
116.204.110.99/ | beegosessionID | 38204cef5d11828452d96c17687c40b7
116.204.110.99/ | lang | en-US